Zero Day Dark Web Market ‘TheRealDeal’ Selling MS15-034 Exploit

A new dark web market has appeared, focused on the selling of 0-day exploit code. The market is called “TheRealDeal Market,” and although still in its infancy, there are already a few exploits listed.

One exploit claims to target the recent MS15-034 Microsoft IIS Remote Code Execution vulnerability and comes with reverse shell and research information associated with it.

According to the developers of the TheRealDeal:

“This market was created after years and dozens of websites claiming to sell privileged information and zero-day code, while always turning out to be a scam.”

There are additional exploits for a remote database object in iCloud, as well as Android, WordPress and others. There is no way to verify that the exploits are real at this time.

In addition to exploits, the site is also selling information on financial fraud, RATs, drugs and weapons you would see on a typical dark net market.

The site charges a 3 percent transaction fee, with a number of measures implemented to try and mitigate fraud through the use of multi-signature escrow transactions. The multi-signature model involves the buyer, seller and admin, and the transaction needs to be approved by two of the three parties before funds are transferred.

At this point, there is no way to verify if the exploits are real without buying and testing the exploits, but it is something we will be watching to see if the market grows and the exploits are real.